/// <summary>
/// Verifies that a UDP spec carrying one port range and one address range
/// produces a UDP rule whose remote ports and remote addresses match the spec.
/// </summary>
public void TestUdpProtocol()
{
    var portRanges = new List<PortRange>
    {
        new PortRange { Start = 8080, End = 8090 },
    };
    var addressRanges = new List<IPRange>
    {
        new IPRange { Start = "10.1.1.1", End = "10.1.1.100" },
    };
    var firewallSpec = new FirewallRuleSpec
    {
        Protocol = Protocol.Udp,
        Ports = portRanges,
        Networks = addressRanges,
    };

    manager.CreateOutboundFirewallRule(Username, firewallSpec);

    // The rule is looked up by the user name it was created for.
    var createdRule = (INetFwRule3)firewallPolicy.Rules.Item(Username);
    CheckCommonRuleProperties(createdRule);

    int expectedProtocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP;
    Assert.Equal(expectedProtocol, createdRule.Protocol);
    Assert.Equal("10.1.1.1-10.1.1.100", createdRule.RemoteAddresses);
    Assert.Equal("8080-8090", createdRule.RemotePorts);
}
/// <summary>
/// Verifies that a <c>Protocol.All</c> spec results in two rules registered under
/// the same name, one TCP and one UDP, each with the requested port range and
/// a wildcard remote address.
/// </summary>
public void TestAllProtocolsFirewallRule()
{
    var portRanges = new List<PortRange>
    {
        new PortRange { Start = 8080, End = 8090 },
    };
    var firewallSpec = new FirewallRuleSpec
    {
        Protocol = Protocol.All,
        Ports = portRanges,
    };

    manager.CreateOutboundFirewallRule(Username, firewallSpec);

    // On Windows "all protocols" is expressed as two rules: one for TCP, one for UDP.
    // NOTE(review): the test expects the name lookup to return the TCP rule first and
    // Remove to delete that same rule; that ordering is decided by the firewall
    // API, not by anything visible here. Confirm it is stable.
    var tcpRule = (INetFwRule3)firewallPolicy.Rules.Item(Username);
    CheckCommonRuleProperties(tcpRule);
    Assert.Equal((int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP, tcpRule.Protocol);
    Assert.Equal("*", tcpRule.RemoteAddresses);
    Assert.Equal("8080-8090", tcpRule.RemotePorts);

    // Drop one rule so the next lookup by the same name returns the remaining one.
    firewallPolicy.Rules.Remove(Username);

    var udpRule = (INetFwRule3)firewallPolicy.Rules.Item(Username);
    CheckCommonRuleProperties(udpRule);
    Assert.Equal((int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP, udpRule.Protocol);
    Assert.Equal("*", udpRule.RemoteAddresses);
    Assert.Equal("8080-8090", udpRule.RemotePorts);
}
/// <summary>
/// Looks up the container for <paramref name="handle"/> and asks it to create an
/// outbound firewall rule from <paramref name="netOutRequest"/>.
/// </summary>
/// <param name="handle">Handle used to find the container.</param>
/// <param name="netOutRequest">Rule specification supplied by the caller.</param>
/// <returns>NotFound when no container matches the handle; otherwise Ok.</returns>
public IHttpActionResult NetOut(string handle, FirewallRuleSpec netOutRequest)
{
    var target = containerService.GetContainerByHandle(handle);
    if (target != null)
    {
        // NOTE(review): netOutRequest is forwarded exactly as received. This method
        // does not check it for null or bound its port and address ranges, so any
        // such validation has to happen in the callee or before this action runs.
        // Confirm where it is enforced, since the result is an ALLOW rule.
        target.CreateOutboundFirewallRule(netOutRequest);
        return Ok();
    }

    return NotFound();
}
/// <summary>
/// Creates the outbound firewall rule or rules described by
/// <paramref name="firewallRuleSpec"/> for the given Windows user.
/// </summary>
/// <param name="windowsUserName">User the rule is created for.</param>
/// <param name="firewallRuleSpec">Protocol, ports and addresses to allow.</param>
public void CreateOutboundFirewallRule(string windowsUserName, FirewallRuleSpec firewallRuleSpec)
{
    var requested = firewallRuleSpec.Protocol;

    if (requested != Protocol.All)
    {
        // A single concrete protocol maps to a single rule.
        CreateFirewallRuleForProtocol(windowsUserName, requested, firewallRuleSpec);
        return;
    }

    // "All" is expanded into one rule per protocol, UDP first and then TCP.
    CreateFirewallRuleForProtocol(windowsUserName, Protocol.Udp, firewallRuleSpec);
    CreateFirewallRuleForProtocol(windowsUserName, Protocol.Tcp, firewallRuleSpec);
}
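/// <summary>
/// Verifies that an ICMP spec does not change the number of firewall rules.
/// </summary>
public void TestIcmpProtocolIgnored()
{
    var firewallSpec = new FirewallRuleSpec
    {
        Protocol = Protocol.Icmp,
        Networks = new List<IPRange>
        {
            new IPRange() { Start = "0.0.0.0", End = "0.0.0.0" },
        }
    };

    // Capture the count as a value before the call. Keeping a reference to the
    // Rules collection and reading Count from it afterwards reads both counts
    // after the call; if the collection is live the two are always equal and the
    // assertion cannot fail even when a rule was added.
    var ruleCountBefore = firewallPolicy.Rules.Count;

    manager.CreateOutboundFirewallRule(Username, firewallSpec);

    // Expected value first, actual second, so a failure message reads correctly.
    Assert.Equal(ruleCountBefore, firewallPolicy.Rules.Count);
}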
/// <summary>
/// Verifies that a TCP spec with ports but no networks produces a TCP rule with
/// the given port range and a wildcard ("*") remote address.
/// </summary>
public void CreateFirewallRuleWithPorts()
{
    var portRanges = new List<PortRange>
    {
        new PortRange { Start = 8080, End = 8090 },
    };
    var firewallSpec = new FirewallRuleSpec
    {
        Protocol = Protocol.Tcp,
        Ports = portRanges,
    };

    manager.CreateOutboundFirewallRule(Username, firewallSpec);

    var createdRule = (INetFwRule3)firewallPolicy.Rules.Item(Username);
    CheckCommonRuleProperties(createdRule);

    int expectedProtocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
    Assert.Equal(expectedProtocol, createdRule.Protocol);
    // No Networks were given, so the rule is expected to match any remote address.
    Assert.Equal("*", createdRule.RemoteAddresses);
    Assert.Equal("8080-8090", createdRule.RemotePorts);
}
/// <summary>
/// Verifies that a TCP spec with networks but no ports produces a TCP rule with
/// the given address range and a wildcard ("*") remote port.
/// </summary>
public void CreateFirewallRuleWithNetworks()
{
    var addressRanges = new List<IPRange>
    {
        new IPRange { Start = "10.1.1.1", End = "10.1.10.10" },
    };
    var firewallRuleSpec = new FirewallRuleSpec
    {
        Protocol = Protocol.Tcp,
        Networks = addressRanges,
    };

    manager.CreateOutboundFirewallRule(Username, firewallRuleSpec);

    var createdRule = (INetFwRule3)firewallPolicy.Rules.Item(Username);
    CheckCommonRuleProperties(createdRule);

    int expectedProtocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
    Assert.Equal(expectedProtocol, createdRule.Protocol);
    Assert.Equal("10.1.1.1-10.1.10.10", createdRule.RemoteAddresses);
    // No Ports were given, so the rule is expected to match any remote port.
    Assert.Equal("*", createdRule.RemotePorts);
}
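/// <summary>
/// Adds one enabled, outbound ALLOW rule for a single protocol. The rule is named
/// after <paramref name="windowsUserName"/> and its user authorization list is set
/// to the SID string resolved for that user.
/// </summary>
/// <param name="windowsUserName">Windows user the rule is named after and scoped to.</param>
/// <param name="proto">Protocol for the rule; only Tcp and Udp are accepted.</param>
/// <param name="firewallRuleSpec">Supplies the remote ports and remote addresses.</param>
/// <exception cref="ArgumentNullException"><paramref name="firewallRuleSpec"/> is null.</exception>
/// <exception cref="NotSupportedException"><paramref name="proto"/> is neither Tcp nor Udp.</exception>
/// <exception cref="InvalidOperationException">No SID string could be resolved for the user.</exception>
private void CreateFirewallRuleForProtocol(string windowsUserName, Protocol proto, FirewallRuleSpec firewallRuleSpec)
{
    if (firewallRuleSpec == null)
    {
        throw new ArgumentNullException("firewallRuleSpec");
    }

    // Validate everything before touching the firewall COM objects, so a bad
    // request fails without a half-built rule object being created.
    int ruleProtocol;
    switch (proto)
    {
        case Protocol.Tcp:
            ruleProtocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_TCP;
            break;

        case Protocol.Udp:
            ruleProtocol = (int)NET_FW_IP_PROTOCOL_.NET_FW_IP_PROTOCOL_UDP;
            break;

        default:
            throw new NotSupportedException("Protocol " + proto + " is unknown");
    }

    string userSid = GetFormattedLocalUserSid(windowsUserName);
    if (string.IsNullOrEmpty(userSid))
    {
        // The authorization list is the only thing here that ties the ALLOW rule
        // to this user; refuse to add a rule without it.
        throw new InvalidOperationException("No SID could be resolved for user " + windowsUserName);
    }

    var firewallPolicy = getComObject<INetFwPolicy2>(NetFwPolicy2ProgID);
    // This type is only available in Windows Server 2012
    var rule = getComObject<INetFwRule3>(NetFwRuleProgID);

    // Property order is kept as in the original: Protocol is assigned before the ports.
    // NOTE(review): the firewall API may reject ports on a rule with no protocol set. Confirm before reordering.
    rule.Name = windowsUserName;
    rule.Protocol = ruleProtocol;
    rule.Action = NET_FW_ACTION_.NET_FW_ACTION_ALLOW;
    rule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_OUT;

    // NOTE(review): ports and addresses are taken from the spec unchanged. The tests
    // in this listing expect "*" when Ports or Networks is omitted, so a spec with
    // neither presumably yields an allow-any rule for the user. Confirm that callers
    // intend this.
    rule.RemotePorts = firewallRuleSpec.RemotePorts;
    rule.RemoteAddresses = firewallRuleSpec.RemoteAddresses;
    rule.Enabled = true;
    rule.LocalUserAuthorizedList = userSid;

    firewallPolicy.Rules.Add(rule);
}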